Scan To Network

Last Updated: May 19, 2026

Scan to Network enables users to scan documents directly to on-premises network drives or shared folders from a multifunction printer (MFP). Scanned files are sent from the printer to a local Service Client, which delivers them to the designated network destination. Nothing is stored on the printer or in the cloud, keeping all documents securely within your internal environment.

Scan to Network is available in two modes: Shared and Personal.

Key Points

  • Scanned files never leave your internal environment. Files route from the printer through a local Service Client to the designated network folder.
  • Scan to Network Shared uses a service-level account to write files to the network destination.
  • Scan to Home uses each user's individual credentials to write files to their personal Active Directory (AD) home directory, preserving user identity in file metadata.
  • Scan to Home requires an on-premises Active Directory server that is reachable from the Service Client.

How It Works

Scan to Network Shared

When a user scans a document, the CPA sends the file from the printer to a local Service Client. The Service Client uploads the file to the designated network folder using a service-level account. This mode is suited for teams that share a common network destination and do not require individual user attribution.

Scan to Home

When a user authenticates at the CPA on the MFP, the system uses Kerberos S4U Impersonation to authenticate on behalf of the user against the on-premises Active Directory server. The Service Client retrieves the user's homeDirectory attribute from AD to determine the correct network folder destination. Files are written with the user's identity preserved in the file metadata, providing access control and a clear audit trail.

Users authenticate at the MFP by tapping Connect on the Network Drive destination in the CPA and entering their username and password. The system validates credentials against Active Directory or LDAP.

Requirements

Scan to Network requires the following:

  • Contact your Vasion representative to enable this feature.
  • Service Client running the latest Printer Appss version.
  • Preset Scan Locations created and added in the Admin Console.
  • Scan to Storage installed on the CPA.
  • Shared drive and folder structure.
  • Admin credentials to access the network drive.

Scan to Home also requires:

  • A Lightweight Directory Access Protocol (LDAP) domain configured. For more details refer to LDAP Domain.
    • Current version does not support cloud AD environments (Entra ID (Azure AD)).
    • Imprivata is supported with an on-premis AD server.
  • Users have valid personal network credentials.
  • This feature requires turning on the Enable higher security setting.
    • Turning on higher security forces reinstallation of the CPA on all devices using Transport Layer Security (TLS) 1.2. Not all printer models support higher TLS versions, which can impact installation.
    • For more details refer to Transport Layer Security (TLS) Settings.

Next Steps